WebKit Bugzilla
New
Browse
Log In
×
Sign in with GitHub
or
Remember my login
Create Account
·
Forgot Password
Forgotten password account recovery
RESOLVED FIXED
158368
Eager FTL failure for strict comparison of NaN with number check
https://bugs.webkit.org/show_bug.cgi?id=158368
Summary
Eager FTL failure for strict comparison of NaN with number check
Joseph Pecoraro
Reported
2016-06-03 16:12:00 PDT
Created
attachment 280480
[details]
[TEST] JS Reduction * SUMMARY Eager FTL failure for strict comparison of NaN with number check * TEST function isNaNOnDouble(value) { return (+value) !== value; } noInline(isNaNOnDouble); function testIsNaNOnDoubles() { var value = isNaNOnDouble(-0); if (value) throw "isNaNOnDouble(-0) = " + value; var value = isNaNOnDouble(NaN); if (!value) throw "isNaNOnDouble(NaN) = " + value; var value = isNaNOnDouble(Number.POSITIVE_INFINITY); if (value) throw "isNaNOnDouble(Number.POSITIVE_INFINITY) = " + value; } noInline(testIsNaNOnDoubles); for (var i = 0; i < 1e6; ++i) { testIsNaNOnDoubles(); } * STEPS TO REPRODUCE 1. $ DYLD_FRAMEWORK_PATH=$build/Release $build/Release/jsc --useFTLJIT=true --useConcurrentJIT=false --thresholdForJITAfterWarmUp=100 --thresholdForJITAfterWarmUp=10 --thresholdForJITSoon=10 --thresholdForOptimizeAfterWarmUp=20 --thresholdForOptimizeAfterLongWarmUp=20 --thresholdForOptimizeSoon=20 --thresholdForFTLOptimizeAfterWarmUp=20 --thresholdForFTLOptimizeSoon=20 number-compare-strict.js Exception: isNaNOnDouble(NaN) = false * NOTES - The issue only reproduces if --useConcurrentJIT=false
Attachments
[TEST] JS Reduction
(553 bytes, application/x-javascript)
2016-06-03 16:12 PDT
,
Joseph Pecoraro
no flags
Details
Patch
(4.09 KB, patch)
2016-06-03 18:55 PDT
,
Benjamin Poulain
no flags
Details
Formatted Diff
Diff
View All
Add attachment
proposed patch, testcase, etc.
Benjamin Poulain
Comment 1
2016-06-03 17:44:08 PDT
I'll take it. Scary stuff.
Radar WebKit Bug Importer
Comment 2
2016-06-03 17:45:26 PDT
<
rdar://problem/26634629
>
Benjamin Poulain
Comment 3
2016-06-03 18:55:11 PDT
Created
attachment 280501
[details]
Patch
WebKit Commit Bot
Comment 4
2016-06-03 20:27:35 PDT
Comment on
attachment 280501
[details]
Patch Clearing flags on attachment: 280501 Committed
r201678
: <
http://trac.webkit.org/changeset/201678
>
WebKit Commit Bot
Comment 5
2016-06-03 20:27:42 PDT
All reviewed patches have been landed. Closing bug.
Note
You need to
log in
before you can comment on or make changes to this bug.
Top of Page
Format For Printing
XML
Clone This Bug